Advertisement

Analyzing Operating Systems’ Behavior to Crafted Packets

  • Thusith AbeykoonEmail author
  • Kasun Abeykoon
  • Tirthankar Ghosh
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 313)

Abstract

Operating Systems are vulnerable to malicious packet injection because of their inherent design and implementation flaws. TCP/IP stacks in different operating systems are especially vulnerable to this. Using crafted packets, we can analyze how each operating system responds to malicious packet injection. The main goal of this study is to analyze behavior of different operating systems to specially crafted packets. In this experiment, we crafted four types of packets: TCP SYN packets with data, packets with IP options, overlapping fragments, and tiny fragments. We use “Scapy” [1], a powerful packet crafting tool using Python to craft packets with customized headers and payloads. Results indicated that Windows and Linux behaved differently to these packets. Windows showed more vulnerability when receiving data in SYN packets, while Linux responded to packet with IP options. Both systems also handled overlapping fragments differently.

Keywords

Packet manipulation Operating system behavior 

References

  1. 1.
    Postel, J., “Internet Protocol”, RFC 791, DARPA, September 1981.Google Scholar
  2. 2.
    Postel, J. “Transmission Control Protocol”, RFC 793,DARPA, September 1981.Google Scholar
  3. 3.
    Eddy, W., “TCP SYN Flooding Attacks and Common Mitigations”, RFC 4987, Varizon, August 2007.Google Scholar
  4. 4.
    Miller, I., “Protection Against a Variant of Tinly Fragment Attack”, RFC 3128, June 2001.Google Scholar
  5. 5.
    Biondi, P., “Scapy V2.1.1-dev Documentation. Version 2.1.1”. 19 April. 2010. Web. 09 December. 2011.Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Thusith Abeykoon
    • 1
    Email author
  • Kasun Abeykoon
    • 1
  • Tirthankar Ghosh
    • 1
  1. 1.Department of Computer Science and Information TechnologySt. Cloud State UniversitySt. CloudUSA

Personalised recommendations